package org.springframework.security.oauth2.consumer;

import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.util.Collections;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.aspectj.weaver.model.AsmRelationshipUtils;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.context.MessageSource;
import org.springframework.context.MessageSourceAware;
import org.springframework.context.support.MessageSourceAccessor;
import org.springframework.security.core.SpringSecurityMessageSource;
import org.springframework.security.oauth2.common.DefaultThrowableAnalyzer;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.consumer.rememberme.HttpSessionOAuth2RememberMeServices;
import org.springframework.security.oauth2.consumer.rememberme.OAuth2RememberMeServices;
import org.springframework.security.web.PortResolver;
import org.springframework.security.web.PortResolverImpl;
import org.springframework.security.web.savedrequest.DefaultSavedRequest;
import org.springframework.security.web.util.ThrowableAnalyzer;
import org.springframework.util.Assert;

/* loaded from: input_file:WEB-INF/lib/spring-security-oauth-1.0.0.M2.jar:org/springframework/security/oauth2/consumer/OAuth2ClientContextFilter.class */
public class OAuth2ClientContextFilter implements Filter, InitializingBean, MessageSourceAware {
    protected MessageSourceAccessor messages = SpringSecurityMessageSource.getAccessor();
    private OAuth2ProfileManager profileManager = new OAuth2ProfileChain();
    private OAuth2RememberMeServices rememberMeServices = new HttpSessionOAuth2RememberMeServices();
    private PortResolver portResolver = new PortResolverImpl();
    private ThrowableAnalyzer throwableAnalyzer = new DefaultThrowableAnalyzer();

    @Override // org.springframework.beans.factory.InitializingBean
    public void afterPropertiesSet() throws Exception {
        Assert.notNull(this.profileManager, "An OAuth2 flow manager must be supplied.");
        Assert.notNull(this.rememberMeServices, "RememberMeOAuth2TokenServices must be supplied.");
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        OAuth2SecurityContextImpl oAuth2SecurityContextImpl = new OAuth2SecurityContextImpl();
        oAuth2SecurityContextImpl.setDetails(httpServletRequest);
        Map<String, OAuth2AccessToken> loadRememberedTokens = getRememberMeServices().loadRememberedTokens(httpServletRequest, httpServletResponse);
        HashMap hashMap = loadRememberedTokens == null ? new HashMap() : new HashMap(loadRememberedTokens);
        oAuth2SecurityContextImpl.setAccessTokens(Collections.unmodifiableMap(hashMap));
        if (httpServletRequest.getParameter(AsmRelationshipUtils.DECLARE_ERROR) != null) {
            HashMap hashMap2 = new HashMap();
            Enumeration parameterNames = httpServletRequest.getParameterNames();
            while (parameterNames.hasMoreElements()) {
                String str = (String) parameterNames.nextElement();
                hashMap2.put(str, httpServletRequest.getParameter(str));
            }
            oAuth2SecurityContextImpl.setErrorParameters(hashMap2);
        }
        oAuth2SecurityContextImpl.setVerificationCode(httpServletRequest.getParameter("code"));
        oAuth2SecurityContextImpl.setUserAuthorizationRedirectUri(calculateCurrentUri(httpServletRequest));
        oAuth2SecurityContextImpl.setPreservedState(getRememberMeServices().loadPreservedState(httpServletRequest.getParameter("state"), httpServletRequest, httpServletResponse));
        OAuth2SecurityContextHolder.setContext(oAuth2SecurityContextImpl);
        try {
            try {
                filterChain.doFilter(servletRequest, servletResponse);
            } catch (Exception e) {
                OAuth2ProtectedResourceDetails checkForResourceThatNeedsAuthorization = checkForResourceThatNeedsAuthorization(e);
                String id = checkForResourceThatNeedsAuthorization.getId();
                while (!hashMap.containsKey(id)) {
                    try {
                        OAuth2AccessToken obtainAccessToken = getProfileManager().obtainAccessToken(checkForResourceThatNeedsAuthorization);
                        if (obtainAccessToken != null) {
                            hashMap.put(id, obtainAccessToken);
                            try {
                            } catch (Exception e2) {
                                checkForResourceThatNeedsAuthorization = checkForResourceThatNeedsAuthorization(e2);
                                id = checkForResourceThatNeedsAuthorization.getId();
                            }
                            if (httpServletResponse.isCommitted()) {
                                throw new IllegalStateException("Unable to reprocess filter chain with needed OAuth2 resources because the response is already committed.");
                                break;
                            }
                            filterChain.doFilter(httpServletRequest, httpServletResponse);
                        } else {
                            throw new IllegalStateException("Flow manager returned a null access token, which is illegal according to the contract.");
                        }
                    } catch (UserRedirectRequiredException e3) {
                        redirectUser(e3, httpServletRequest, httpServletResponse);
                        OAuth2SecurityContextHolder.setContext(null);
                        getRememberMeServices().rememberTokens(hashMap, httpServletRequest, httpServletResponse);
                        return;
                    }
                    OAuth2SecurityContextHolder.setContext(null);
                    getRememberMeServices().rememberTokens(hashMap, httpServletRequest, httpServletResponse);
                    throw th;
                }
            }
            OAuth2SecurityContextHolder.setContext(null);
            getRememberMeServices().rememberTokens(hashMap, httpServletRequest, httpServletResponse);
        } catch (Throwable th) {
            OAuth2SecurityContextHolder.setContext(null);
            getRememberMeServices().rememberTokens(hashMap, httpServletRequest, httpServletResponse);
            throw th;
        }
    }

    protected void redirectUser(UserRedirectRequiredException userRedirectRequiredException, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        if (userRedirectRequiredException.getStateToPreserve() != null) {
            getRememberMeServices().preserveState(userRedirectRequiredException.getStateKey(), userRedirectRequiredException.getStateToPreserve(), httpServletRequest, httpServletResponse);
        }
        try {
            String redirectUri = userRedirectRequiredException.getRedirectUri();
            StringBuilder sb = new StringBuilder(redirectUri);
            Map<String, String> requestParams = userRedirectRequiredException.getRequestParams();
            char c = redirectUri.indexOf(63) < 0 ? '?' : '&';
            for (Map.Entry<String, String> entry : requestParams.entrySet()) {
                sb.append(c).append(entry.getKey()).append('=').append(URLEncoder.encode(entry.getValue(), "UTF-8"));
                c = '&';
            }
            httpServletResponse.sendRedirect(sb.toString());
        } catch (UnsupportedEncodingException e) {
            throw new IllegalStateException(e);
        }
    }

    protected OAuth2ProtectedResourceDetails checkForResourceThatNeedsAuthorization(Exception exc) throws ServletException, IOException {
        OAuth2AccessTokenRequiredException oAuth2AccessTokenRequiredException = (OAuth2AccessTokenRequiredException) getThrowableAnalyzer().getFirstThrowableOfType(OAuth2AccessTokenRequiredException.class, getThrowableAnalyzer().determineCauseChain(exc));
        if (oAuth2AccessTokenRequiredException != null) {
            OAuth2ProtectedResourceDetails resource = oAuth2AccessTokenRequiredException.getResource();
            if (resource == null) {
                throw new OAuth2AccessDeniedException(oAuth2AccessTokenRequiredException.getMessage());
            }
            return resource;
        }
        if (exc instanceof ServletException) {
            throw ((ServletException) exc);
        }
        if (exc instanceof IOException) {
            throw ((IOException) exc);
        }
        if (exc instanceof RuntimeException) {
            throw ((RuntimeException) exc);
        }
        throw new RuntimeException(exc);
    }

    protected String calculateCurrentUri(HttpServletRequest httpServletRequest) {
        return new DefaultSavedRequest(httpServletRequest, getPortResolver()).getRedirectUrl();
    }

    public void init(FilterConfig filterConfig) throws ServletException {
    }

    public void destroy() {
    }

    @Override // org.springframework.context.MessageSourceAware
    public void setMessageSource(MessageSource messageSource) {
        this.messages = new MessageSourceAccessor(messageSource);
    }

    public OAuth2ProfileManager getProfileManager() {
        return this.profileManager;
    }

    public void setProfileManager(OAuth2ProfileManager oAuth2ProfileManager) {
        this.profileManager = oAuth2ProfileManager;
    }

    public OAuth2RememberMeServices getRememberMeServices() {
        return this.rememberMeServices;
    }

    public void setRememberMeServices(OAuth2RememberMeServices oAuth2RememberMeServices) {
        this.rememberMeServices = oAuth2RememberMeServices;
    }

    public ThrowableAnalyzer getThrowableAnalyzer() {
        return this.throwableAnalyzer;
    }

    public void setThrowableAnalyzer(ThrowableAnalyzer throwableAnalyzer) {
        this.throwableAnalyzer = throwableAnalyzer;
    }

    public PortResolver getPortResolver() {
        return this.portResolver;
    }

    public void setPortResolver(PortResolver portResolver) {
        this.portResolver = portResolver;
    }
}
